Verified Commit 32640844 authored by Hugo's avatar Hugo

hedgedoc poc

parents
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
apiVersion: v2
name: hedgedoc
description: A Helm chart for Kubernetes
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "1.6.0"
{{/*
Expand the name of the chart.
*/}}
{{- define "fqdn" -}}
{{ .Release.Name }}-{{ .Release.Namespace }}
{{- end }}
{{- define "domain" -}}
{{ include "fqdn" . | replace "-" "." }}
{{- end }}
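Review bot: The `fqdn` helper joins `.Release.Name` and `.Release.Namespace` with `-`, so distinct release/namespace pairs can render the same string: release `a-b` in namespace `c` and release `a` in namespace `b-c` both give `a-b-c`, and `domain` maps both to `a.b.c`. The same value is reused in this commit as the Ingress host and as `CMD_S3_BUCKET`, so a collision would leave two instances contesting one hostname or sharing one bucket; taking the hostname and bucket name from explicit values would avoid deriving them from names an installer picks freely. The comment above the first define still reads `Expand the name of the chart.`, which is not what it does; something like `Per-instance identifier (release name + namespace) used to name every object` fits, and `domain` would benefit from a one-line comment of its own.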
kind: ConfigMap
metadata:
name: {{ include "fqdn" . }}-config
apiVersion: v1
data:
{{- if .Values.oauth.enabled }}
CMD_OAUTH2_USER_PROFILE_URL: {{ tpl .Values.oauth.url.userProfile . }}
CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR: {{ .Values.oauth.attribute.username }}
CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR: {{ .Values.oauth.attribute.displayName }}
CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR: {{ .Values.oauth.attribute.email }}
CMD_OAUTH2_TOKEN_URL: {{ tpl .Values.oauth.url.token . }}
CMD_OAUTH2_AUTHORIZATION_URL: {{ tpl .Values.oauth.url.authorization . }}
CMD_OAUTH2_PROVIDERNAME: {{ .Values.oauth.providerName }}
{{- if .Values.oauth.disableEmail }}
CMD_EMAIL: "false"
{{ end -}}
{{ end -}}
CMD_IMAGE_UPLOAD_TYPE: minio
CMD_S3_REGION: default
CMD_S3_BUCKET: {{ include "fqdn" . }}
CMD_MINIO_ENDPOINT: "s3.standard.indie.host"
CMD_PROTOCOL_USESSL: "true"
CMD_URL_ADDPORT: "false"
CMD_ALLOW_FREEURL: "true"
CMD_MINIO_PORT: "443"
CMD_MINIO_SECURE: "true"
CMD_USECDN: "false"
CMD_DOMAIN: {{ include "domain" . }}
DB_TYPE: postgres
\ No newline at end of file
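Review bot: `CMD_ALLOW_FREEURL: "true"` is set while nothing in this ConfigMap sets `CMD_ALLOW_ANONYMOUS`, which as far as I know defaults to allowing anonymous use in HedgeDoc, so an unauthenticated visitor can probably create notes at arbitrary paths on an instance that is otherwise set up for OAuth login. If that is not intended, add `CMD_ALLOW_ANONYMOUS: "false"` or drop the free-URL setting. Separately, the templated values (`CMD_OAUTH2_PROVIDERNAME`, the three `*_ATTR` keys, the `tpl` URLs, `CMD_S3_BUCKET`, `CMD_DOMAIN`) are emitted unquoted, so a value containing `: `, ` #`, a line break or a boolean-looking word alters the rendered YAML instead of staying a string. Pipe them through `quote`, for example `CMD_OAUTH2_PROVIDERNAME: {{ .Values.oauth.providerName | quote }}`.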
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/component: app
app.kubernetes.io/instance: {{ include "fqdn" . }}
app.kubernetes.io/name: hedgedoc
app.kubernetes.io/part-of: hedgedoc
name: {{ include "fqdn" . }}-app
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/component: app
app.kubernetes.io/instance: {{ include "fqdn" . }}
app.kubernetes.io/name: hedgedoc
app.kubernetes.io/part-of: hedgedoc
template:
metadata:
labels:
app.kubernetes.io/component: app
app.kubernetes.io/instance: {{ include "fqdn" . }}
app.kubernetes.io/name: hedgedoc
app.kubernetes.io/part-of: hedgedoc
spec:
volumes:
containers:
- env:
- name: CMD_DB_URL
valueFrom:
secretKeyRef:
key: postgresql-url
name: {{ include "fqdn" . }}
- name: CMD_SESSION_SECRET
valueFrom:
secretKeyRef:
key: session
name: {{ include "fqdn" . }}
- name: CMD_MINIO_ACCESS_KEY
valueFrom:
secretKeyRef:
key: AWS_ACCESS_KEY_ID
name: {{ include "fqdn" . }}-s3
- name: CMD_MINIO_SECRET_KEY
valueFrom:
secretKeyRef:
key: AWS_SECRET_ACCESS_KEY
name: {{ include "fqdn" . }}-s3
{{- if .Values.oauth.enabled }}
- name: CMD_OAUTH2_CLIENT_ID
valueFrom:
secretKeyRef:
key: client-id
name: {{ include "fqdn" . }}-oidc
- name: CMD_OAUTH2_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: client-secret
name: {{ include "fqdn" . }}-oidc
{{- end }}
envFrom:
- configMapRef:
name: {{ include "fqdn" . }}-config
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: IfNotPresent
name: hedgedoc
ports:
- containerPort: 3000
name: http
protocol: TCP
\ No newline at end of file
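Review bot: The `hedgedoc` container has no `securityContext`, so it runs with whatever user, capabilities and privilege-escalation settings the image defaults to, even though it holds the database URL, session secret and S3 keys in its environment. A container-level block like the one below would restrict that. `runAsNonRoot: true` only works if the image already runs as a non-root user, which is not visible from this page and should be checked first. The bare `volumes:` key above `containers:` renders as null and can be removed until a volume is actually defined.

```yaml
        name: hedgedoc
        # … unchanged: ports …
        securityContext:
          allowPrivilegeEscalation: false
          runAsNonRoot: true
          capabilities:
            drop:
              - ALL
          seccompProfile:
            type: RuntimeDefault
```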
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/tls-acme: "true"
labels:
app.kubernetes.io/component: app
app.kubernetes.io/instance: {{ include "fqdn" . }}
app.kubernetes.io/name: hedgedoc
app.kubernetes.io/part-of: hedgedoc
name: {{ include "fqdn" . }}-app
spec:
rules:
- host: {{ include "domain" . }}
http:
paths:
- backend:
serviceName: {{ include "fqdn" . }}-app
servicePort: http
path: /
tls:
- hosts:
- {{ include "domain" . }}
secretName: {{ include "fqdn" . }}-tls
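Review bot: `apiVersion: extensions/v1beta1` for Ingress was removed in Kubernetes 1.22, so this manifest is rejected on current clusters and the instance would be left without its TLS-terminating route. Moving to `networking.k8s.io/v1` also changes the backend shape: `serviceName`/`servicePort` become `service.name` and `service.port.name`, and each path needs a `pathType`. The host comes from the `domain` helper, so quoting it (`{{ include "domain" . | quote }}`) keeps an unusual release name from changing the YAML structure.

```yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
# … unchanged: metadata, spec.rules[0].host …
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: {{ include "fqdn" . }}-app
                port:
                  name: http
# … unchanged: tls …
```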
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/component: app
app.kubernetes.io/instance: {{ include "fqdn" . }}
app.kubernetes.io/name: hedgedoc
app.kubernetes.io/part-of: hedgedoc
name: {{ include "fqdn" . }}-app
spec:
ports:
- name: http
port: 3000
protocol: TCP
targetPort: http
selector:
app.kubernetes.io/component: app
app.kubernetes.io/instance: {{ include "fqdn" . }}
app.kubernetes.io/name: hedgedoc
app.kubernetes.io/part-of: hedgedoc
type: ClusterIP
image:
repository: indiehosters/codimd
pullPolicy: IfNotPresent
tag: ""
oauth:
enabled: true
providerName: Liiibre
disableEmail: true
url:
token: "https://id.indie.host/auth/realms/{{ .Release.Namespace }}/protocol/openid-connect/token"
authorization: "https://id.indie.host/auth/realms/{{ .Release.Namespace }}/protocol/openid-connect/auth"
userProfile: "https://id.indie.host/auth/realms/{{ .Release.Namespace }}/protocol/openid-connect/userinfo"
attribute:
username: preferred_username
displayName: name
email: email
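Review bot: `image.pullPolicy` is declared here but the Deployment template hardcodes `imagePullPolicy: IfNotPresent`, so changing the value has no effect; read it in the template with `imagePullPolicy: {{ .Values.image.pullPolicy }}`. With `IfNotPresent` and a tag-only reference (`indiehosters/codimd` at the chart's `appVersion`), a node keeps whatever it first pulled under that tag and a re-pushed tag goes unnoticed, so pinning the image by digest would make the deployed content verifiable. The `oauth.url.*` strings contain template expressions and only resolve because the ConfigMap passes them through `tpl`; a short comment above `url:` such as `# rendered with tpl; may reference .Release.*` would make that explicit.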